How is the OnRamp different than other ICS security training?
Our goal with the OnRamp is to get a lot of people up to speed on ICS security.
This lead off lecture will tell you what an ICS is and what it does. You will learn the key components and different types of ICS, and you will learn what type of information you should create and maintain to know your ICS.
The architecture of ICS has a huge impact security. The models of today and the future will be revealed as well as how security controls are overlaid on these ICS architectures.
ICS protocols monitor and control a physical process, and they are purpose built to do this. This session will show the basic features of these protocols, identify the common protocols and where they are used, and importantly talk about the secure ICS protocols that are being developed.
The horror stories of security scanning tools and other security assessment processes causing outages and worse in ICS are true. This session will teach you what not to do, but more importantly how you can use assessment tools effectively and safely on an ICS.
The TRISIS attack demonstrates that attackers are learning that safety systems are deployed to stop high consequence events. Learn the purpose of safety and protection systems, how they are the same and how they differ from ICS, safety / ICS integration practices, and the importance of adding cyber risk to your safety and protection studies.
With the barrage of FUD coming from the media, and many ICSsec experts, discover what you should learn from recent ICS attacks and known threat actors. And importantly, what should you prepare for in the next 1 – 3 years.
Given the “insecure by design” problem with ICS protocols, apps and devices, protection is difficult if the attacker is past the cyber security perimeter. Detection is key to identify attacks early and response is necessary to prevent or limit the consequences. This is a fast-moving area in ICSsec. Learn what the leaders are doing today and will do tomorrow.
The acronyms around the sector, national and global “standards” can be daunting. Learn which ones are important; how they can be productively used; and which efforts to watch for the future.
Asset owners are not truly interested in security; they care about managing risk. Much ICSsec activity today is busy work with little risk reduction. Learn how to make decision from a risk management approach, and importantly how to effectively communicate with executives and board members to get the support you need for an ICS security program.
The buzz term “Cloud Services” definitely applies to ICS. It starts with Predictive Maintenance and Efficiency Services, and it will go to Operators-in-the-cloud and more. Learn what is here, what is coming, and how to make sure you have the appropriate security.